Menu
×
My W3Schools Get Certified Spaces For Teachers Plus Get Certified Spaces For Teachers Plus
   ❮   
HTML CSS JAVASCRIPT SQL PYTHON JAVA PHP HOW TO W3.CSS C C++ C# BOOTSTRAP REACT MYSQL JQUERY EXCEL XML DJANGO NUMPY PANDAS NODEJS R TYPESCRIPT ANGULAR GIT POSTGRESQL MONGODB ASP AI GO KOTLIN SASS VUE DSA GEN AI SCIPY AWS CYBERSECURITY DATA SCIENCE
     ❯   

AWS Cloud Tutorial

AWS HOME AWS Intro AWS Cloud Certification AWS Get Started AWS Cloud Computing AWS Cloud Benefits AWS EC2 Intro AWS EC2 Instance Types AWS EC2 Pricing AWS EC2 Scaling AWS EC2 Auto Scaling AWS Elastic Load Balancing AWS Messaging AWS SNS AWS SQS AWS Serverless AWS Lambda AWS Containers AWS ECS AWS EKS AWS Fargate AWS First Recap AWS Infrastructure AWS Regions AWS Availability Zones AWS Edge Locations AWS Provision AWS Provision Services AWS Elastic Beanstalk AWS CloudFormation AWS Second Recap AWS Networking AWS Connectivity AWS Subnet and Access AWS Global Networking AWS Third Recap AWS Storage and DBs AWS Instance Stores AWS EBS AWS S3 AWS EBS vs S3 AWS Elastic File System AWS RDS AWS DynamoDB AWS DynamoDB vs RDS AWS Redshift AWS DMS AWS Additional DB Services AWS Fourth Recap AWS Cloud Security AWS Shared Responsibility AWS User Access AWS Organizations AWS Cloud Compliance AWS DDoS AWS Other Services AWS Fifth Recap AWS Monitoring and Analytics AWS CloudWatch AWS CloudTrail AWS TrustedAdvisor AWS Sixth Recap AWS Pricing and Support AWS Free Tier AWS Pricing Models AWS Billing Dashboard AWS Consolidated Billing AWS Budgets AWS Cost Explorer AWS Support Plans AWS Marketplace AWS Seventh Recap AWS Migration and Innovation AWS CAF AWS Migration Strategies AWS Snow Family AWS Innovation AWS Eight Recap AWS Cloud Journey AWS Well-Architected Framework AWS Cloud Benefits AWS Ninth Recap AWS Exam Preparation

AWS Examples

AWS Cloud Exercises AWS Cloud Quiz AWS Certificate

More AWS

AWS Machine Learning AWS Serverless

User Permissions and Access

❮ Previous Next ❯

What is AWS Identity and Access Management?

AWS IAM is also called AWS Identity and Access Management.

It helps you securely manage AWS resources and services.

IAM features are:

  • AWS account root user
  • IAM Users
  • IAM policy
  • IAM groups
  • IAM roles
  • Multi-factor authentication

By combining IAM features, you have the flexibility to configure specific operational and security access.

User Permissions and Access Video

W3schools.com collaborates with Amazon Web Services to deliver digital training content to our students.

AWS Account Root User

AWS account root user gets created when you first start an AWS account.

Access your account root user by AWS account credentials (email and password).

It has full access to all of the accounts resources and AWS services.

Some of the good practices are:

  • Avoid using the root user for daily tasks
  • Use it to create IAM with permissions to create other users
  • Use it only for the root user-specific tasks
Image of creating and using the root user

Image created by Amazon Web Services

IAM Users

IAM user represents an entity (person or an application) that interacts with AWS resources and services.

IAM user is made of credentials and a name.

It is created without permissions by default.

The root user can grant permissions to the IAM user.

It is recommended that you create one IAM user for each individual.

IAM Policies

IAM policies are documents.

They deny or allow permissions to AWS resources and services.

They customize user access to AWS resources and services.

You can give only those permissions that each user needs.

IAM policy example is illustrated below.

Image of creating and using the root user

Image created by Amazon Web Services

IAM Groups

A collection of IAM users is called an IAM group.

IAM policy assigned to the IAM group grants permissions to all IAM users of that group.

Image of creating and using the root user

Image created by Amazon Web Services

IAM Roles

IAM role is temporary access to services or resources.

Before an IAM role can be given, IAM user, service, or application must have permission to switch roles.

It is best for cases where temporary access needs to be given.

Multi-factor Authentication

Multi-factor authentication is a multiple-step authentication.

It can provide more than one authentication form.

It is an extra layer of security.

It may come in the form of a security code that is sent to your mobile device or an email.

AWS Cloud Exercises

Test Yourself With Exercises

Exercise:

Fill in the blank

IAM user represents an  (person or application)

Start the Exercise

❮ Previous Next ❯
PLUS
SPACES
GET CERTIFIED
FOR TEACHERS
FOR BUSINESS
CONTACT US
×

Contact Sales

If you want to use W3Schools services as an educational institution, team or enterprise, send us an e-mail:
sales@w3schools.com

Report Error

If you want to report an error, or if you want to make a suggestion, send us an e-mail:
help@w3schools.com

Top Tutorials
HTML Tutorial
CSS Tutorial
JavaScript Tutorial
How To Tutorial
SQL Tutorial
Python Tutorial
W3.CSS Tutorial
Bootstrap Tutorial
PHP Tutorial
Java Tutorial
C++ Tutorial
jQuery Tutorial
Top References
HTML Reference
CSS Reference
JavaScript Reference
SQL Reference
Python Reference
W3.CSS Reference
Bootstrap Reference
PHP Reference
HTML Colors
Java Reference
Angular Reference
jQuery Reference
Top Examples
HTML Examples
CSS Examples
JavaScript Examples
How To Examples
SQL Examples
Python Examples
W3.CSS Examples
Bootstrap Examples
PHP Examples
Java Examples
XML Examples
jQuery Examples
Get Certified
 HTML Certificate
CSS Certificate
JavaScript Certificate
Front End Certificate
SQL Certificate
Python Certificate
PHP Certificate
jQuery Certificate
Java Certificate
C++ Certificate
C# Certificate
XML Certificate
FORUM ABOUT ACADEMY
W3Schools is optimized for learning and training. Examples might be simplified to improve reading and learning.
Tutorials, references, and examples are constantly reviewed to avoid errors, but we cannot warrant full correctness
of all content. While using W3Schools, you agree to have read and accepted our terms of use, cookie and privacy policy.

Copyright 1999-2024 by Refsnes Data. All Rights Reserved. W3Schools is Powered by W3.CSS.